Lucene search
K

21 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:30 p.m.4 views

Security Bulletin: IBM Storage Fusion Data Foundation is affected DOS caused by specially crafted regex or prototype pollution flaw (CVE-2022-37599, CVE-2022-37603, CVE-2022-37601)

Summary IBM Storage Fusion Data Foundation is used by IBM Storage Fusion Data Foundation. The application server takes input and crafted regex can cause the exploit to Denial of service. CVE-2022-37599, CVE-2022-37603, CVE-2022-37601. Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION:...

9.8CVSS7.9AI score0.02601EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/20 6:48 a.m.3 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to to prototype pollution due to webpack loader-utils ( CVE-2022-37601 )

Summary Potential vulnerabilities in webpack loader-utils module has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: Prototype pollution vulnerability in function parseQuery in parseQuery....

9.8CVSS9AI score0.02601EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2022-37601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all...

9.8CVSS7.2AI score0.02601EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/24 5:15 p.m.42 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack...

9.8CVSS9AI score0.0434EPSS
Exploits9Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.31 views

RHEL 9 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - async: Prototype Pollution in async CVE-2021-43138 - The glob-parent package before 6.0.1 for Node.js...

7.8CVSS8.6AI score0.03346EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.35 views

RHEL 8 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ejs: server-side template injection in outputFunctionName CVE-2022-29078 - The package handlebars before...

9.8CVSS8.9AI score0.32386EPSS
Exploits11References10
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 7 : loader-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...

8.1AI score0.02601EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 6 : loader-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...

9.2AI score0.02601EPSS
Exploits2References3
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.29 views

CVE-2022-37601 affecting package reaper for versions less than 3.1.1-7

CVE-2022-37601 affecting package reaper for versions less than 3.1.1-7. A patched version of the package is available...

9.8CVSS9.6AI score0.02601EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/22 2:23 p.m.57 views

Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises

Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilities due to which an attacker could exploit this vulnerability to execute arbitrary code on the system and cause the application to crash cause a denial of service condition on the system. This...

9.8CVSS9.3AI score0.14663EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:31 p.m.43 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack loader-utils could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parseQuery function in...

9.8CVSS9.1AI score0.02601EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/01/19 11:3 a.m.96 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update

An update for Logging Subsystem 5.6.0 is now available for Red Hat OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.7AI score0.0486EPSS
Exploits6References38
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/03 9:8 a.m.41 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to webpack loader-utils vulnerability [CVE-2022-37601]

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to webpack loader-utils vulnerability with details below. CVE-2022-37601 This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack loader-utils could allow a remote attacker to...

9.8CVSS9.7AI score0.02601EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/01 12:0 a.m.46 views

Debian dla-3258 : node-loader-utils - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3258 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3258-1 [email protected] https://www.debian.org/lts/security/...

9.8CVSS7.9AI score0.02601EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/01/01 12:0 a.m.24 views

Debian: Security Advisory (DLA-3258-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02601EPSS
Exploits1References4
Debian
Debian
added 2022/12/31 4:24 p.m.38 views

[SECURITY] [DLA 3258-1] node-loader-utils security update

Debian LTS Advisory DLA-3258-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2022 https://wiki.debian.org/LTS Package : node-loader-utils Version : 1.1.0-2+deb10u1 CVE ID : CVE-2022-37601 Supraja Baskar discovered prototype pollution vulnerability in...

9.8CVSS6.7AI score0.02601EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/10/13 12:0 p.m.5 views

0xgank-tea-advice-pull (=1.0.0), 0xgank-tea-balance-pencil (=1.0.0) +8755 more potentially affected by CVE-2022-37601 via loader-utils (>=2.0.0 <=2.0.2)

loader-utils NPM version =2.0.0, =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on loader-utils and may be impacted: - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0...

9.8CVSS7.1AI score0.02601EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/10/13 12:0 p.m.5 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 06demo-1 (=1.0.0) +33970 more potentially affected by CVE-2022-37601 via loader-utils (>=0.1.2 <=1.4.0)

loader-utils NPM version =0.1.2, =1.0.1, =1.1.0 - 06demo-1 =1.0.0 - 0726react =0.1.1 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...

9.8CVSS7.1AI score0.02601EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/10/12 8:15 p.m.44 views

CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

9.8CVSS6.8AI score0.02601EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/10/12 12:0 a.m.32 views

CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3...

9.5AI score0.02601EPSS
Exploits1References9
Rows per page
Query Builder